An introduction to the Identity of ASP.

Reference page:

Http://www.yuanjiaocheng.net/ASPNET-CORE/core-identity.html

Http://www.yuanjiaocheng.net/ASPNET-CORE/core-authorize-attribute.html

Http://www.yuanjiaocheng.net/ASPNET-CORE/core-identity-configuration.html

Http://www.yuanjiaocheng.net/ASPNET-CORE/core-identity-migrations.html

Http://www.yuanjiaocheng.net/ASPNET-CORE/core-user-registration.html

Objective

ASP is still in use in ASP. NET Identity Component library, responsible for the identity of the user authentication, in general, no MVC 5 is so complex, because in the MVC 5 introduced Owin, so many beginners in learning to very laborious, for identity is confused, including me, It took one months before and after learning the identity to understand the principle. So most developers have no love for Identity, and they don't use it, and they feel kidnapped.

Fortunately, in ASP., because of the abstraction of the module and the use of middleware, which makes the Identity learning and use of the route become more approachable, let's take a look.

Getting Started

Before we start, let's forget about it and Entity Framework the relationship, forget it and Authentication the relationship, we first learn a few English words.

There are a few " words " You might need to figure out:

# 1:claims

Everyone should know what the identity card looks like, as follows:

Among them, the name : Obama; gender : male; nationality : Kenya; born : 1961.08.04, etc. these identity information can be seen as a key-value pair , So what if we want to store these things in the program, how do we design them? Yes, you might think of it. Use a dictionary for storage, a key, and a value just to meet your needs. But Key,value's words don't feel too friendly and object-oriented, so is it better if we make an object? At the very least you can use the VS smart hint, let's change it, and change it to the following:

//我给对象取一个名字叫`Claim`你没有意见吧public class Claim{    public string ClaimType { get; set; }    public string ClaimValue { get; set; }}

ClaimType is Key,claimvalue represents a value. In this case, a key-value pair can be stored exactly. 姓名：奥巴马It is not possible to deposit in this time.

Microsoft's people are very intimate, to prepare some of the default for us ClaimType ? A lot of the usual is in it, look at it together:

This extends the first point of knowledge: Claimtypes

In order to read the experience, I only put a part of OH. You can see what name,email,gender,mobilephone and so on are used to have, and many others. The attentive reader may notice that its namespace is System.Security.Claims , and that means that this is part of the. NET Framework, well, we just need to know so much about it for the time being OK.

Claim Introduction finished, is not very simple, how to translate other places I don't care, in this article, it is called " ID unit ".

# 2:claimsidentity

With the " ID Unit ", we can use it to create an identity card, then how to make it? Some students may have thought of, yes, is to create a new object, and then inside the constructor to transfer the identity card unit, and then get an ID card. We give this ID card to take an English name called "claimsidentity", this name seems to be quite in line with, both Claims to express its constituent parts, but also has the identity of its use (identity), very satisfied with a name.

In fact, in real life, some of our ID card information is hidden, part of it can be directly seen. For example, a new generation of ID card stored in your fingerprint information you do not see, these are stored in the ID card inside the chip, that can see such as name Ah, age ah and so on. We design an object is also the same, need to expose something, then here our claimsidentity exposes a name,lable and so on.

Our ID card (claimsidentity) also has an important attribute is the type (AuthenticationType), and so on, authenticationtype what is the thing? Look a little familiar. We know what our own identity card is, it is used to prove our identity, when you prove your identity to show it, in fact, it has a lot of forms of carrier, what does it mean? For example, you can directly take out the physical form of the identity card, which can also be a copy of the paper form, or electronic form of electronic code, and so on, this time need to have a form of the existence of a type field, yes, this authenticationtype is doing this thing.

Then we add some polish to our ID card, make it look good, such as provide some ways to add Claims, delete Claims, write to the binary stream inside ah and so on, finally our ID object looks basically like this:

public class ClaimsIdentity{    public ClaimsIdentity(IEnumerable<Claim> claims){}        //名字这么重要，当然不能让别人随便改啊，所以我不许 set，除了我儿子跟我姓，所以是 virtual 的    public virtual string Name { get; }    public string Label { get; set; }        //这是我的证件类型，也很重要，同样不许 set    public virtual string AuthenticationType { get; }        public virtual void AddClaim(Claim claim);        public virtual void RemoveClaim(Claim claim);        public virtual void FindClaim(Claim claim);}

Well, here, our ID card looks perfect, but it seems to be missing something from an object-oriented perspective. to ~, or abstract, we need to abstract out an interface to do some constraints, what constraints? Since as a credential, it will certainly involve these attribute information:
1, the name. 2, type. 3. Whether the document is lawful or not.
The reaction to the interface is as follows, we give the interface named: " identity (IIdentity)":

This extends the second point of knowledge: the IIdentity interface.

// 定义证件对象的基本功能。public interface IIdentity{    //证件名称    string Name { get; }        // 用于标识证件的载体类型。    string AuthenticationType { get; }        //是否是合法的证件。    bool IsAuthenticated { get; }}

So our claimsidentity ultimately seems to define this:

public class ClaimsIdentity : IIdentity{    //......}

Claimsidentity Introduction finished, is not found is also very simple, other places how to translate I don't care, in this article, it is called " identity card ."

# 3:claimsprincipal

With the identity card, we can prove that I am me, sometimes a person has a lot of ID card, you guess what this person is doing? Yes, not the ox or the con.

However, there are times when a person has a lot of other identities, what do you suppose this person is? It's normal, right, like you can be a teacher, a mother, a businessman. If you want to prove that you have these kinds of identities at the same time, you may need to show the teacher card, your child's birth certificate, the legal representative's business license card.

In the program, an identity card not only represents you as a person, but represents an identity, is to prove your own main identity oh. If a person has many other identities, there is a need to have a thing (carrier) to carry these documents, right? OK, we give the person who needs to carry the document an appropriate name, called the " document Litigant (ClaimsPrincipal)" bar.

Here is Principal the word in the dictionary given the explanation, I use it you should have no idea:

principal  [‘pr?ns?pl]  adj. 主要的；资本的n. 首长；校长；资本；当事人

This time may have the reunion asked, should be called better? ClaimsIdentityPrincipal Well, I also think it should be called claimsidentityprincipal maybe a little better, perhaps Microsoft's people lazy, Jane wrote ClaimsPrincipal .

Knowing its function, the code is very well written, and the same routine as above claimsidentity:

public class ClaimsPrincipal {    //把拥有的证件都给当事人    public ClaimsPrincipal(IEnumerable<ClaimsIdentity> identities){}        //当事人的主身份呢    public virtual IIdentity Identity { get; }        public virtual IEnumerable<ClaimsIdentity> Identities { get; }        public virtual void AddIdentity(ClaimsIdentity identity);        //为什么没有RemoveIdentity ， 留给大家思考吧？}

People seemed almost perfect at the time, but what else do we need to abstract and abstract? As a party, you should have a master identity, it is your ID, you may also use the role (the role will be described in detail, here you know there is a thing to do).

This extends the third point of knowledge: the IPrincipal interface.

public interface IPrincipal{    //身份    IIdentity Identity { get; }        //在否属于某个角色    bool IsInRole(string role);}

Then our ID party should look like this:

public class ClaimsPrincipal : IPrincipal {   //...}

ClaimsPrincipal Introduction, it's simple, right? Other places how to translate I don't care, in this article, it is called " document litigant ".

Think in, we already know "ID unit (CLAIMS)", "Identity card (claimsidentity)", "Document Litigant (ClaimsPrincipal)", and tidy up their logical relationship between the strike, The following figure is an identity login part of the incomplete, dotted circle out of the part should be able to read it:

As you can see, first we have some document units on the app side, and then call ClaimsIdentity the ID unit initialized to an identity card , and then the ID card to the person to be kept by the document .

Just put Getting Started finish, found already so long, so intends to write a series, maybe 3-4 articles.

Summarize

Well, this article first introduced here, in this blog, we learned a few English words, and know that these English words in the program is to play how this is an object. And according to the diagram we know how these objects are located in the entire authentication system. I found that if I wanted to make it clear that it was not enough to rely on this blog, the next piece of middleware would be .NET Authentication cobwebs until mastered. NET of the entire authentication system, we look at the identiy and the Entity Framework has what kind of love and hatred.

This is just the beginning, if you feel that this blog is helpful to you, thank you for your "recommendation", if you are interested in. NET core can follow me, I will regularly share on the blog about. NET core learning experience.

This address: http://www.cnblogs.com/savorboard/p/aspnetcore-identity.html
Author Blog: Savorboard
Welcome reprint, please give the source and link in obvious position

An introduction to the Identity of ASP.